diff --git a/conf/nginx.conf b/conf/nginx.conf index 6b738ce..86f404e 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -2,7 +2,7 @@ location __PATH__/ { # Path to source - alias __FINALPATH__/; + alias __INSTALL_DIR__/; ### Example PHP configuration (remove it if not used) index index.php; diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf index ab1a471..13a53b0 100644 --- a/conf/php-fpm.conf +++ b/conf/php-fpm.conf @@ -358,7 +358,7 @@ request_terminate_timeout = 1d ; Chdir to this directory at the start. ; Note: relative path can be used. ; Default Value: current directory or / when chroot -chdir = __FINALPATH__ +chdir = __INSTALL_DIR__ ; Redirect worker stdout and stderr into main error log. If not set, stdout and ; stderr will be redirected to /dev/null according to FastCGI specs. diff --git a/conf/systemd.service b/conf/systemd.service index caf7e46..f100e84 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -6,8 +6,8 @@ After=network.target Type=simple User=__APP__ Group=__APP__ -WorkingDirectory=__FINALPATH__/ -ExecStart=__FINALPATH__/script +WorkingDirectory=__INSTALL_DIR__/ +ExecStart=__INSTALL_DIR__/script StandardOutput=append:/var/log/__APP__/__APP__.log StandardError=inherit diff --git a/manifest.json b/manifest.json deleted file mode 100644 index 1272ce4..0000000 --- a/manifest.json +++ /dev/null @@ -1,74 +0,0 @@ -{ - "name": "Example app", - "id": "example", - "packaging_format": 1, - "description": { - "en": "Explain in *a few (10~15) words* the purpose of the app or what it actually does (it is meant to give a rough idea to users browsing a catalog of 100+ apps)", - "fr": "Expliquez en *quelques* (10~15) mots l'utilité de l'app ou ce qu'elle fait (l'objectif est de donner une idée grossière pour des utilisateurs qui naviguent dans un catalogue de 100+ apps)" - }, - "version": "1.0~ynh1", - "url": "https://example.com", - "upstream": { - "license": "free", - "website": "https://example.com", - "demo": "https://demo.example.com", - "admindoc": "https://yunohost.org/packaging_apps", - "userdoc": "https://yunohost.org/apps", - "code": "https://some.forge.com/example/example" - }, - "license": "free", - "maintainer": { - "name": "John doe", - "email": "john.doe@example.com" - }, - "requirements": { - "yunohost": ">= 11.0.0" - }, - "multi_instance": true, - "services": [ - "nginx", - "php7.4-fpm", - "mysql" - ], - "arguments": { - "install": [ - { - "name": "domain", - "type": "domain" - }, - { - "name": "path", - "type": "path", - "example": "/example", - "default": "/example" - }, - { - "name": "is_public", - "type": "boolean", - "default": true - }, - { - "name": "language", - "type": "string", - "ask": { - "en": "Choose the application language", - "fr": "Choisissez la langue de l'application" - }, - "choices": ["fr", "en"], - "default": "fr" - }, - { - "name": "admin", - "type": "user" - }, - { - "name": "password", - "type": "password", - "help": { - "en": "Use the help field to add an information for the admin about this question.", - "fr": "Utilisez le champ aide pour ajouter une information à l'intention de l'administrateur à propos de cette question." - } - } - ] - } -} diff --git a/manifest.toml b/manifest.toml new file mode 100644 index 0000000..310b1c3 --- /dev/null +++ b/manifest.toml @@ -0,0 +1,103 @@ +packaging_format = 2 + +id = "example" +name = "Example app" +description.en = "Explain in *a few (10~15) words* the purpose of the app or what it actually does (it is meant to give a rough idea to users browsing a catalog of 100+ apps)" +description.fr = "Expliquez en *quelques* (10~15) mots l'utilité de l'app ou ce qu'elle fait (l'objectif est de donner une idée grossière pour des utilisateurs qui naviguent dans un catalogue de 100+ apps)" + +version = "1.0~ynh1" + +maintainers = ["johndoe"] + +[upstream] +# NB: Only the "license" key is mandatory. Remove entries for which there's no relevant data +license = "free" +website = "https://example.com" +demo = "https://demo.example.com" +admindoc = "https://yunohost.org/packaging_apps" +userdoc = "https://yunohost.org/apps" +code = "https://some.forge.com/example/example" +# FIXME: optional but recommended if relevant, this is meant to contain the Common Platform Enumeration, which is sort of a standard id for applications defined by the NIST. In particular, YunoHost may use this is in the future to easily track CVE (=security reports) related to apps. The CPE may be obtained by searching here: https://nvd.nist.gov/products/cpe/search. For example, for Nextcloud, the CPE is 'cpe:2.3:a:nextcloud:nextcloud' (no need to include the version number) +cpe = "???" +# FIXME: optional but recommended (or remove if irrelevant / not applicable). This is meant to be an URL where people can financially support this app, especially when its development is based on volunteers and/or financed by its community. YunoHost may later advertise it in the webadmin. +fund = "???" + +[integration] +yunohost = ">= 11.0.0" +# FIXME: can be replaced by a list of supported archs using the dpkg --print-architecture nomenclature (amd64/i386/armhf/arm64), for example: ["amd64", "i386"] +architectures = "all" +multi_instance = true +# FIXME: replace with true, false, or "not_relevant". Not to confuse with the "sso" key : the "ldap" key corresponds to wether or not a user *can* login on the app using its YunoHost credentials. +ldap = "?" +# FIXME: replace with true, false, or "not_relevant". Not to confuse with the "ldap" key : the "sso" key corresponds to wether or not a user is *automatically logged-in* on the app when logged-in on the YunoHost portal. +sso = "?" +# FIXME: replace with an **estimate** minimum disk and RAM requirements. e.g. 20M, 400M, 1G, ... +disk = "50M" +ram.build = "50M" +ram.runtime = "50M" + +[install] + [install.domain] + # this is a generic question - ask strings are automatically handled by YunoHost's core + type = "domain" + + [install.path] + # this is a generic question - ask strings are automatically handled by YunoHost's core + type = "path" + default = "/example" + + [install.init_main_permission] + # this is a generic question - ask strings are automatically handled by YunoHost's core + # This won't be saved as setting and will instead be used to initialize the SSOwat permission + type = "group" + default = "visitors" + + [install.language] + ask.en = "Choose the application language" + ask.fr = "Choisissez la langue de l'application" + type = "string" + choices = ["fr", "en"] + default = "fr" + + [install.admin] + # this is a generic question - ask strings are automatically handled by YunoHost's core + type = "user" + + [install.password] + # this is a generic question - ask strings are automatically handled by YunoHost's core + # Note that user-provided passwords questions are not automatically saved as setting + help.en = "Use the help field to add an information for the admin about this question." + help.fr = "Utilisez le champ aide pour ajouter une information à l'intention de l'administrateur à propos de cette question." + type = "password" + +[resources] + # See the packaging documentation for the full set + # of explanation regarding the behavior and properties for each of those + + [resources.system_user] + # This will provision/deprovision a unix system user + + [resources.install_dir] + # This will create/remove the install dir as /var/www/$app + # and store the corresponding setting $install_dir + + [resources.data_dir] + # This will create/remove the data dir as /home/yunohost.app/$app + # and store the corresponding setting $data_dir + + [resources.permissions] + # This will configure SSOwat permission for $domain/$path/ + # The initial allowed group of user is configured via the init_main_permission question (public=visitors, private=all_users) + main.url = "/" + + [resources.ports] + # This will pick a random port for reverse-proxying and store it as the $port setting + + [resources.apt] + # This will automatically install/uninstall the following apt packages + # and implicitly define the $phpversion setting as 8.0 (if phpX.Y-foobar dependencies are listed) + packages = "deb1, deb2, php8.0-foo, php8.0-bar" + + [resources.database] + # This will automatically provision/deprovison a mysql DB and store the corresponding credentials in settings $db_user, $db_name, $db_pwd + type = "mysql" diff --git a/scripts/_common.sh b/scripts/_common.sh index 04b61bb..944a65e 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -3,25 +3,6 @@ #================================================= # COMMON VARIABLES #================================================= -# PHP APP SPECIFIC -#================================================= -# Depending on its version, YunoHost uses different default PHP version: -## YunoHost version "11.X" => PHP 7.4 -## YunoHost version "4.X" => PHP 7.3 -# -# This behaviour can be overridden by setting the YNH_PHP_VERSION variable -#YNH_PHP_VERSION=7.3 -#YNH_PHP_VERSION=7.4 -#YNH_PHP_VERSION=8.0 -# For more information, see the PHP application helper: https://github.com/YunoHost/yunohost/blob/dev/helpers/php#L3-L6 -# Or this app package depending on PHP: https://github.com/YunoHost-Apps/grav_ynh/blob/master/scripts/_common.sh -# PHP dependencies used by the app (must be on a single line) -#php_dependencies="php$YNH_PHP_VERSION-deb1 php$YNH_PHP_VERSION-deb2" -# or, if you do not need a custom YNH_PHP_VERSION: -php_dependencies="php$YNH_DEFAULT_PHP_VERSION-deb1 php$YNH_DEFAULT_PHP_VERSION-deb2" - -# dependencies used by the app (must be on a single line) -pkg_dependencies="deb1 deb2 $php_dependencies" #================================================= # PERSONAL HELPERS diff --git a/scripts/backup b/scripts/backup index f99225d..3d72f4c 100755 --- a/scripts/backup +++ b/scripts/backup @@ -10,30 +10,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_print_info --message="Loading installation settings..." - -app=$YNH_APP_INSTANCE_NAME - -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -domain=$(ynh_app_setting_get --app=$app --key=domain) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) - #================================================= # DECLARE DATA AND CONF FILES TO BACKUP #================================================= @@ -48,13 +24,14 @@ ynh_print_info --message="Declaring files to be backed up..." # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$final_path" +ynh_backup --src_path="$install_dir" #================================================= # BACKUP THE DATA DIR #================================================= -ynh_backup --src_path="$datadir" --is_big +# Only relevant if there is a "data_dir" resource for this app +ynh_backup --src_path="$data_dir" --is_big #================================================= # BACKUP THE NGINX CONFIGURATION diff --git a/scripts/install b/scripts/install index 1fc28de..506f874 100755 --- a/scripts/install +++ b/scripts/install @@ -9,137 +9,29 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= +# Install parameters are automatically saved as settings +# +# Settings are automatically loaded as bash variables +# in every app script context, therefore typically these will exist: +# - $domain +# - $path +# - $language +# ... etc +# +# Resources defined in the manifest are provisioned prior to this script +# and corresponding settings are also available, such as: +# - $install_dir +# - $port +# - $db_name +# ... -ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors +# +# $app is the app id (i.e. 'example' for first install, +# or 'example__2', '__3', ... for multi-instance installs) +# #================================================= -# RETRIEVE ARGUMENTS FROM THE MANIFEST -#================================================= - -domain=$YNH_APP_ARG_DOMAIN -path_url=$YNH_APP_ARG_PATH -is_public=$YNH_APP_ARG_IS_PUBLIC -language=$YNH_APP_ARG_LANGUAGE -admin=$YNH_APP_ARG_ADMIN -password=$YNH_APP_ARG_PASSWORD - -### If it's a multi-instance app, meaning it can be installed several times independently -### The id of the app as stated in the manifest is available as $YNH_APP_ID -### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2"...) -### The app instance name is available as $YNH_APP_INSTANCE_NAME -### - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample -### - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 -### - ynhexample__{N} for the subsequent installations, with N=3,4... -### The app instance name is probably what interests you most, since this is -### guaranteed to be unique. This is a good unique identifier to define installation path, -### db names... -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS -#================================================= -### About --weight and --time -### ynh_script_progression will show to your final users the progression of each scripts. -### In order to do that, --weight will represent the relative time of execution compared to the other steps in the script. -### --time is a packager option, it will show you the execution time since the previous call. -### This option is implied when running in CI_package_check, you can manually add it if you are manually testing the app. -### Use the execution time displayed in the CI report or by adding --time to the command, to estimate the weight of a step. -### A common way to do it is to set a weight equal to the execution time in second +1. -### The execution time is given for the duration since the previous call. So the weight should be applied to this previous call. -ynh_script_progression --message="Validating installation parameters..." --weight=1 - -### If the app uses NGINX as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app". -### If the app provides an internal web server (or uses another application server such as uWSGI), the final path should be "/opt/yunohost/$app" -final_path=/var/www/$app -test ! -e "$final_path" || ynh_die --message="This path already contains a folder" - -# Register (book) web path -ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url - -#================================================= -# STORE SETTINGS FROM MANIFEST -#================================================= -ynh_script_progression --message="Storing installation settings..." --weight=1 - -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=language --value=$language -ynh_app_setting_set --app=$app --key=admin --value=$admin - -#================================================= -# STANDARD MODIFICATIONS -#================================================= -# FIND AND OPEN A PORT -#================================================= -ynh_script_progression --message="Finding an available port..." --weight=1 - -### Use these lines if you have to open a port for the application -### `ynh_find_port` will find the first available port starting from the given port. -### If you're not using these lines: -### - Remove the section "CLOSE A PORT" in the remove script - -# Find an available port -port=$(ynh_find_port --port=8095) -ynh_app_setting_set --app=$app --key=port --value=$port - -# Optional: Expose this port publicly -# (N.B.: you only need to do this if the app actually needs to expose the port publicly. -# If you do this and the app doesn't actually need you are CREATING SECURITY HOLES IN THE SERVER !) - -# Open the port -# ynh_script_progression --message="Configuring firewall..." --weight=1 -# ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port - -#================================================= -# INSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Installing dependencies..." --weight=1 - -### `ynh_install_app_dependencies` allows you to add any "apt" dependencies to the package. -### Those deb packages will be installed as dependencies of this package. -### If you're not using this helper: -### - Remove the section "REMOVE DEPENDENCIES" in the remove script -### - Remove the variable "pkg_dependencies" in _common.sh -### - As well as the section "REINSTALL DEPENDENCIES" in the restore script -### - And the section "UPGRADE DEPENDENCIES" in the upgrade script - -ynh_install_app_dependencies $pkg_dependencies - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=1 - -# Create a system user -ynh_system_user_create --username=$app --home_dir="$final_path" - -#================================================= -# CREATE A MYSQL DATABASE -#================================================= -ynh_script_progression --message="Creating a MySQL database..." --weight=1 - -### Use these lines if you need a database for the application. -### `ynh_mysql_setup_db` will create a database, an associated user and a ramdom password. -### The password will be stored as 'mysqlpwd' into the app settings, -### and will be available as $db_pwd -### If you're not using these lines: -### - Remove the section "BACKUP THE MYSQL DATABASE" in the backup script -### - Remove also the section "REMOVE THE MYSQL DATABASE" in the remove script -### - As well as the section "RESTORE THE MYSQL DATABASE" in the restore script - -db_name=$(ynh_sanitize_dbid --db_name=$app) -db_user=$db_name -ynh_app_setting_set --app=$app --key=db_name --value=$db_name -ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name - +# APP "BUILD" (DEPLOYING SOURCES, VENV, COMPILING ETC) #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -149,24 +41,19 @@ ynh_script_progression --message="Setting up source files..." --weight=1 ### downloaded from an upstream source, like a git repository. ### `ynh_setup_source` use the file conf/app.src -ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$final_path" +ynh_setup_source --dest_dir="$install_dir" + +# $install_dir will automatically be initialized with some decent +# permission by default ... however, you may need to recursively reapply +# ownership to all files such as after the ynh_setup_source step +chown -R $app:www-data "$install_dir" -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" #================================================= -# PHP-FPM CONFIGURATION +# SYSTEM CONFIGURATION #================================================= -ynh_script_progression --message="Configuring PHP-FPM..." --weight=1 +ynh_script_progression --message="Adding system configurations related to $app ..." --weight=1 ### `ynh_add_fpm_config` is used to set up a PHP config. ### You can remove it if your app doesn't use PHP. @@ -179,90 +66,12 @@ ynh_script_progression --message="Configuring PHP-FPM..." --weight=1 ### with the reload at the end of the script. ### - And the section "PHP-FPM CONFIGURATION" in the upgrade script -# Create a dedicated PHP-FPM config +# Create a dedicated PHP-FPM config using the conf/php-fpm.conf or conf/extra_php-fpm.conf ynh_add_fpm_config -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring NGINX web server..." --weight=1 - -### `ynh_add_nginx_config` will use the file conf/nginx.conf - -# Create a dedicated NGINX config +# Create a dedicated NGINX config using the conf/nginx.conf template ynh_add_nginx_config -#================================================= -# SPECIFIC SETUP -#================================================= -# ... -#================================================= - -#================================================= -# CREATE DATA DIRECTORY -#================================================= -ynh_script_progression --message="Creating a data directory..." --weight=1 - -### Use these lines if you need to create a directory to store "persistent files" for the application. -### Usually this directory is used to store uploaded files or any file that won't be updated during -### an upgrade and that won't be deleted during app removal unless "--purge" option is used. -### If you're not using these lines: -### - Remove the section "BACKUP THE DATA DIR" in the backup script -### - Remove the section "RESTORE THE DATA DIRECTORY" in the restore script -### - As well as the section "REMOVE DATA DIR" in the remove script - -datadir=/home/yunohost.app/$app -ynh_app_setting_set --app=$app --key=datadir --value=$datadir - -mkdir -p $datadir - -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. -chmod 750 "$datadir" -chmod -R o-rwx "$datadir" -chown -R $app:www-data "$datadir" - -#================================================= -# ADD A CONFIGURATION -#================================================= -ynh_script_progression --message="Adding a configuration file..." --weight=1 - -### You can add specific configuration files. -### -### Typically, put your template conf file in ../conf/your_config_file -### The template may contain strings such as __FOO__ or __FOO_BAR__, -### which will automatically be replaced by the values of $foo and $foo_bar -### -### ynh_add_config will also keep track of the config file's checksum, -### which later during upgrade may allow to automatically backup the config file -### if it's found that the file was manually modified -### -### Check the documentation of `ynh_add_config` for more info. - -ynh_add_config --template="some_config_file" --destination="$final_path/some_config_file" - -# FIXME: this should be handled by the core in the future -# You may need to use chmod 600 instead of 400, -# for example if the app is expected to be able to modify its own config -chmod 400 "$final_path/some_config_file" -chown $app:$app "$final_path/some_config_file" - -### For more complex cases where you want to replace stuff using regexes, -### you shoud rely on ynh_replace_string (which is basically a wrapper for sed) -### When doing so, you also need to manually call ynh_store_file_checksum -### -### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/some_config_file" -### ynh_store_file_checksum --file="$final_path/some_config_file" - -#================================================= -# SETUP SYSTEMD -#================================================= -ynh_script_progression --message="Configuring a systemd service..." --weight=1 - ### `ynh_systemd_config` is used to configure a systemd script for an app. ### It can be used for apps that use sysvinit (with adaptation) or systemd. ### Have a look at the app to be sure this app needs a systemd script. @@ -277,50 +86,6 @@ ynh_script_progression --message="Configuring a systemd service..." --weight=1 # Create a dedicated systemd config ynh_add_systemd_config -#================================================= -# SETUP APPLICATION WITH CURL -#================================================= - -### Use these lines only if the app installation needs to be finalized through -### web forms. We generally don't want to ask the final user, -### so we're going to use curl to automatically fill the fields and submit the -### forms. - -# Set the app as temporarily public for curl call -ynh_script_progression --message="Configuring SSOwat..." --weight=1 -# Making the app public for curl -ynh_permission_update --permission="main" --add="visitors" - -# Installation with curl -ynh_script_progression --message="Finalizing installation..." --weight=1 -ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3" - -# Remove the public access -ynh_permission_update --permission="main" --remove="visitors" - -#================================================= -# GENERIC FINALIZATION -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Configuring log rotation..." --weight=1 - -### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app. -### Use this helper only if there is effectively a log file for this app. -### If you're not using this helper: -### - Remove the section "BACKUP LOGROTATE" in the backup script -### - Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script -### - As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script -### - And the section "SETUP LOGROTATE" in the upgrade script - -# Use logrotate to manage application logfile(s) -ynh_use_logrotate - -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 - ### `yunohost service add` integrates a service in YunoHost. It then gets ### displayed in the admin interface and through the others `yunohost service` commands. ### (N.B.: this line only makes sense if the app adds a service to the system!) @@ -348,6 +113,69 @@ yunohost service add $app --description="A short description of the app" --log=" ### weren't enabled on old installs (be careful it'll override the existing ### service though so you should re-provide all relevant flags when doing so) +### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app. +### Use this helper only if there is effectively a log file for this app. +### If you're not using this helper: +### - Remove the section "BACKUP LOGROTATE" in the backup script +### - Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script +### - As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script +### - And the section "SETUP LOGROTATE" in the upgrade script + +# Use logrotate to manage application logfile(s) +ynh_use_logrotate + +# Create a dedicated Fail2Ban config +ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" + +#================================================= +# APP INITIAL CONFIGURATION +#================================================= +# ADD A CONFIGURATION +#================================================= +ynh_script_progression --message="Adding a configuration file..." --weight=1 + +### You can add specific configuration files. +### +### Typically, put your template conf file in ../conf/your_config_file +### The template may contain strings such as __FOO__ or __FOO_BAR__, +### which will automatically be replaced by the values of $foo and $foo_bar +### +### ynh_add_config will also keep track of the config file's checksum, +### which later during upgrade may allow to automatically backup the config file +### if it's found that the file was manually modified +### +### Check the documentation of `ynh_add_config` for more info. + +ynh_add_config --template="some_config_file" --destination="$install_dir/some_config_file" + +# FIXME: this should be handled by the core in the future +# You may need to use chmod 600 instead of 400, +# for example if the app is expected to be able to modify its own config +chmod 400 "$install_dir/some_config_file" +chown $app:$app "$install_dir/some_config_file" + +### For more complex cases where you want to replace stuff using regexes, +### you shoud rely on ynh_replace_string (which is basically a wrapper for sed) +### When doing so, you also need to manually call ynh_store_file_checksum +### +### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$install_dir/some_config_file" +### ynh_store_file_checksum --file="$install_dir/some_config_file" + +#================================================= +# SETUP APPLICATION WITH CURL +#================================================= + +### Use these lines only if the app installation needs to be finalized through +### web forms. We generally don't want to ask the final user, +### so we're going to use curl to automatically fill the fields and submit the +### forms. + +# Installation with curl +ynh_script_progression --message="Finalizing installation..." --weight=1 +ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3" + +#================================================= +# GENERIC FINALIZATION #================================================= # START SYSTEMD SERVICE #================================================= @@ -364,47 +192,7 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 # Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# SETUP FAIL2BAN -#================================================= -ynh_script_progression --message="Configuring Fail2Ban..." --weight=1 - -# Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" - -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Configuring permissions..." --weight=1 - -# Make app public if necessary -if [ $is_public -eq 1 ] -then - # Everyone can access the app. - # The "main" permission is automatically created before the install script. - ynh_permission_update --permission="main" --add="visitors" -fi - -### N.B. : the following extra permissions only make sense if your app -### does have for example an admin interface or an API. - -# Only the admin can access the admin panel of the app (if the app has an admin panel) -ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin - -# Everyone can access the API part -# We don't want to display the tile in the SSO so we put --show_tile="false" -# And we don't want the YunoHost admin to be able to remove visitors group to this permission, so we put --protected="true" -ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true" - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= - ynh_script_progression --message="Installation of $app completed" --last diff --git a/scripts/remove b/scripts/remove index ca31e5a..f314aa1 100755 --- a/scripts/remove +++ b/scripts/remove @@ -9,26 +9,29 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 +# Settings are automatically loaded as bash variables +# in every app script context, therefore typically these will exist: +# - $domain +# - $path +# - $language +# - $install_dir +# - $port +# ... -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -port=$(ynh_app_setting_get --app=$app --key=port) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$db_name -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) +# For remove operations : +# - the core will deprovision every resource defined in the manifest **after** this script is ran +# this includes removing the install directory, and data directory (if --purge was used) #================================================= -# STANDARD REMOVE +# REMOVE SYSTEM CONFIGURATIONS #================================================= -# REMOVE SERVICE INTEGRATION IN YUNOHOST +# REMOVE SYSTEMD SERVICE #================================================= +ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 + +# This should be a symetric version of what happens in the install script + # Remove the service from the list of services known by YunoHost (added from `yunohost service add`) if ynh_exec_warn_less yunohost service status $app >/dev/null then @@ -36,117 +39,24 @@ then yunohost service remove $app fi -#================================================= -# STOP AND REMOVE SERVICE -#================================================= -ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1 - -# Remove the dedicated systemd config ynh_remove_systemd_config -#================================================= -# REMOVE LOGROTATE CONFIGURATION -#================================================= -ynh_script_progression --message="Removing logrotate configuration..." --weight=1 - -# Remove the app-specific logrotate config -ynh_remove_logrotate - -#================================================= -# REMOVE THE MYSQL DATABASE -#================================================= -ynh_script_progression --message="Removing the MySQL database..." --weight=1 - -# Remove a database if it exists, along with the associated user -ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name - -#================================================= -# REMOVE APP MAIN DIR -#================================================= -ynh_script_progression --message="Removing app main directory..." --weight=1 - -# Remove the app directory securely -ynh_secure_remove --file="$final_path" - -#================================================= -# REMOVE DATA DIR -#================================================= - -# Remove the data directory if --purge option is used -if [ "${YNH_APP_PURGE:-0}" -eq 1 ] -then - ynh_script_progression --message="Removing app data directory..." --weight=1 - ynh_secure_remove --file="$datadir" -fi - -#================================================= -# REMOVE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1 - -# Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# REMOVE PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=1 - -# Remove the dedicated PHP-FPM config ynh_remove_fpm_config -#================================================= -# REMOVE DEPENDENCIES -#================================================= -ynh_script_progression --message="Removing dependencies..." --weight=1 +ynh_remove_logrotate -# Remove metapackage and its dependencies -ynh_remove_app_dependencies - -#================================================= -# CLOSE A PORT -#================================================= - -if yunohost firewall list | grep -q "\- $port$" -then - ynh_script_progression --message="Closing port $port..." --weight=1 - ynh_exec_warn_less yunohost firewall disallow TCP $port -fi - -#================================================= -# REMOVE FAIL2BAN CONFIGURATION -#================================================= -ynh_script_progression --message="Removing Fail2Ban configuration..." --weight=1 - -# Remove the dedicated Fail2Ban config ynh_remove_fail2ban_config -#================================================= -# SPECIFIC REMOVE -#================================================= -# REMOVE VARIOUS FILES -#================================================= -ynh_script_progression --message="Removing various files..." --weight=1 +# Remove other various files specific to the app... such as : -# Remove a cron file ynh_secure_remove --file="/etc/cron.d/$app" -# Remove a directory securely ynh_secure_remove --file="/etc/$app" -# Remove the log files ynh_secure_remove --file="/var/log/$app" -#================================================= -# GENERIC FINALIZATION -#================================================= -# REMOVE DEDICATED USER -#================================================= -ynh_script_progression --message="Removing the dedicated system user..." --weight=1 - -# Delete a system user -ynh_system_user_delete --username=$app - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index 1be949b..2bec09d 100755 --- a/scripts/restore +++ b/scripts/restore @@ -10,174 +10,75 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - #### Remove this function if there's nothing to clean before calling the remove script. - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$db_name -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) - -#================================================= -# CHECK IF THE APP CAN BE RESTORED -#================================================= -ynh_script_progression --message="Validating restoration parameters..." --weight=1 - -test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " - -#================================================= -# STANDARD RESTORATION STEPS -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" - #================================================= # RESTORE THE APP MAIN DIR #================================================= ynh_script_progression --message="Restoring the app main directory..." --weight=1 -ynh_restore_file --origin_path="$final_path" +ynh_restore_file --origin_path="$install_dir" -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +# $install_dir will automatically be initialized with some decent +# permission by default ... however, you may need to recursively reapply +# ownership to all files such as after the ynh_setup_source step +chown -R $app:www-data "$install_dir" #================================================= # RESTORE THE DATA DIRECTORY #================================================= ynh_script_progression --message="Restoring the data directory..." --weight=1 -ynh_restore_file --origin_path="$datadir" --not_mandatory +ynh_restore_file --origin_path="$data_dir" --not_mandatory -mkdir -p $datadir - -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. -chmod 750 "$datadir" -chmod -R o-rwx "$datadir" -chown -R $app:www-data "$datadir" - -#================================================= -# RESTORE FAIL2BAN CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=1 - -ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" -ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" -ynh_systemd_action --action=restart --service_name=fail2ban - -#================================================= -# SPECIFIC RESTORATION -#================================================= -# REINSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=1 - -# Define and install dependencies -ynh_install_app_dependencies $pkg_dependencies - -#================================================= -# RESTORE THE PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the PHP-FPM configuration..." --time --weight=1 - -ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" - -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the NGINX web server configuration..." --time --weight=1 - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +# (Same as for install dir) +chown -R $app:www-data "$data_dir" #================================================= # RESTORE THE MYSQL DATABASE #================================================= ynh_script_progression --message="Restoring the MySQL database..." --weight=1 -db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) -ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql #================================================= -# RESTORE VARIOUS FILES +# RESTORE SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Restoring various files..." --weight=1 - -ynh_restore_file --origin_path="/etc/cron.d/$app" - -ynh_restore_file --origin_path="/etc/$app/" - +# RESTORE THE PHP-FPM CONFIGURATION #================================================= -# RESTORE SYSTEMD -#================================================= -ynh_script_progression --message="Restoring the systemd configuration..." --weight=1 +ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 + +# This should be a symetric version of what happens in the install script + +ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file --origin_path="/etc/systemd/system/$app.service" systemctl enable $app.service --quiet -#================================================= -# RESTORE THE LOGROTATE CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1 +yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" ynh_restore_file --origin_path="/etc/logrotate.d/$app" -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 +ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" +ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" +ynh_systemd_action --action=restart --service_name=fail2ban -yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" +# Other various files... -#================================================= -# START SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=1 - -ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" +ynh_restore_file --origin_path="/etc/cron.d/$app" +ynh_restore_file --origin_path="/etc/$app/" #================================================= # GENERIC FINALIZATION #================================================= -# RELOAD NGINX AND PHP-FPM +# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE #================================================= -ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=1 +ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 +# Typically you only have either $app or php-fpm but not both at the same time... +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" ynh_systemd_action --service_name=php$phpversion-fpm --action=reload + ynh_systemd_action --service_name=nginx --action=reload #================================================= diff --git a/scripts/upgrade b/scripts/upgrade old mode 100644 new mode 100755 index f38c139..754d0c1 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -9,23 +9,18 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 +# Settings are automatically loaded as bash variables +# in every app script context, therefore typically these will exist: +# - $domain +# - $path +# - $language +# - $install_dir +# - $port +# ... -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -language=$(ynh_app_setting_get --app=$app --key=language) -admin=$(ynh_app_setting_get --app=$app --key=admin) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) - -#================================================= -# CHECK VERSION -#================================================= +# In the context of upgrade, +# - resources are automatically provisioned / updated / deleted (depending on existing resources) +# - a safety backup is automatically created by the core and will be restored if the upgrade fails ### This helper will compare the version of the currently installed app and the version of the upstream package. ### $upgrade_type can have 2 different values @@ -35,33 +30,12 @@ db_name=$(ynh_app_setting_get --app=$app --key=db_name) ### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do. upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - #================================================= # STANDARD UPGRADE STEPS -#================================================= -# STOP SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Stopping a systemd service..." --weight=1 - -ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" - #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= -ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 +#ynh_script_progression --message="Ensuring downward compatibility..." --time --weight=1 # # N.B. : the followings setting migrations snippets are provided as *EXAMPLES* @@ -75,40 +49,21 @@ ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 # ynh_app_setting_set --app=$app --key=db_name --value=$db_name #fi -# If final_path doesn't exist, create it -#if [ -z "$final_path" ]; then -# final_path=/var/www/$app -# ynh_app_setting_set --app=$app --key=final_path --value=$final_path +# If install_dir doesn't exist, create it +#if [ -z "$install_dir" ]; then +# install_dir=/var/www/$app +# ynh_app_setting_set --app=$app --key=install_dir --value=$install_dir #fi -### If nobody installed your app before 4.1, -### then you may safely remove these lines +#================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." --weight=1 -# Cleaning legacy permissions -if ynh_legacy_permissions_exists; then - ynh_legacy_permissions_delete_all - - ynh_app_setting_delete --app=$app --key=is_public -fi - -if ! ynh_permission_exists --permission="admin"; then - # Create the required permissions - ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin -fi - -# Create a permission if needed -if ! ynh_permission_exists --permission="api"; then - ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true" -fi +ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" #================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" - +# "REBUILD" THE APP (DEPLOY NEW SOURCES, RERUN NPM BUILD, ETC...) #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -118,48 +73,37 @@ then ynh_script_progression --message="Upgrading source files..." --weight=1 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" + ynh_setup_source --dest_dir="$install_dir" fi -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +# $install_dir will automatically be initialized with some decent +# permission by default ... however, you may need to recursively reapply +# ownership to all files such as after the ynh_setup_source step +chown -R $app:www-data "$install_dir" + #================================================= -# UPGRADE DEPENDENCIES +# REAPPLY SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=1 +ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1 -ynh_install_app_dependencies $pkg_dependencies +# This should be a literal copypasta of what happened in the install's "System configuration" section -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1 - -# Create a dedicated PHP-FPM config ynh_add_fpm_config -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --time --weight=1 - -# Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# SPECIFIC UPGRADE -#================================================= -# ... -#================================================= +ynh_add_systemd_config +yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" + +ynh_use_logrotate --non-append + +ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" + + +#================================================= +# RECONFIGURE THE APP (UPDATE CONF, APPLY MIGRATIONS, ...) #================================================= # UPDATE A CONFIG FILE #================================================= @@ -170,45 +114,20 @@ ynh_script_progression --message="Updating a configuration file..." --weight=1 ### The file will automatically be backed-up if it's found to be manually modified (because ### ynh_add_config keeps track of the file's checksum) -ynh_add_config --template="some_config_file" --destination="$final_path/some_config_file" +ynh_add_config --template="some_config_file" --destination="$install_dir/some_config_file" # FIXME: this should be handled by the core in the future # You may need to use chmod 600 instead of 400, # for example if the app is expected to be able to modify its own config -chmod 400 "$final_path/some_config_file" -chown $app:$app "$final_path/some_config_file" +chmod 400 "$install_dir/some_config_file" +chown $app:$app "$install_dir/some_config_file" ### For more complex cases where you want to replace stuff using regexes, ### you shoud rely on ynh_replace_string (which is basically a wrapper for sed) ### When doing so, you also need to manually call ynh_store_file_checksum ### -### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/some_config_file" -### ynh_store_file_checksum --file="$final_path/some_config_file" - -#================================================= -# SETUP SYSTEMD -#================================================= -ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 - -# Create a dedicated systemd config -ynh_add_systemd_config - -#================================================= -# GENERIC FINALIZATION -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1 - -# Use logrotate to manage app-specific logfile(s) -ynh_use_logrotate --non-append - -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 - -yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" +### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$install_dir/some_config_file" +### ynh_store_file_checksum --file="$install_dir/some_config_file" #================================================= # START SYSTEMD SERVICE @@ -217,21 +136,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# UPGRADE FAIL2BAN -#================================================= -ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=1 - -# Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #=================================================